Lucene search
+L

344 matches found

NVD
NVD
added 2024/12/17 4:15 p.m.36 views

CVE-2024-12192

A maliciously crafted DWF file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/17 3:28 p.m.28 views

CVE-2024-12670 DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software

A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS0.00329EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/17 3:28 p.m.14 views

CVE-2024-12670 DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software

A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS6.7AI score0.00329EPSS
Exploits0References1
CVE
CVE
added 2024/12/17 3:28 p.m.56 views

CVE-2024-12670

CVE-2024-12670 describes a heap-based overflow in Autodesk Navisworks when parsing DWFX files. The issue allows a malicious DWFX to cause a crash, read sensitive data, or execute arbitrary code in the current process, with local access and user interaction required. Connected sources (NVD/Red Hat...

7.8CVSS6.7AI score0.00329EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/12/17 3:17 p.m.35 views

CVE-2024-12192 DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software

A maliciously crafted DWF file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS0.00262EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/17 3:17 p.m.13 views

CVE-2024-12192 DWFX File Parsing Vulnerabilities in Autodesk Navisworks Desktop Software

A maliciously crafted DWF file, when parsed through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS7.8AI score0.00262EPSS
Exploits0References1
CVE
CVE
added 2024/12/17 3:17 p.m.60 views

CVE-2024-12192

CVE-2024-12192 concerns Autodesk Navisworks when parsing a maliciously crafted DWF file, causing an Out-of-Bounds Write. Public sources describe a vulnerability that can crash the process, corrupt data, or allow arbitrary code execution in the context of the affected Navisworks component. The CVE...

7.8CVSS7.8AI score0.00262EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/17 12:0 a.m.2 views

PT-2024-9980

Name of the Vulnerable Software and Affected Versions: Autodesk Navisworks Freedom affected versions not specified Autodesk Navisworks Simulate affected versions not specified Autodesk Navisworks Manage affected versions not specified Description: The issue is related to a Heap-based Overflow...

7.8CVSS7AI score0.00329EPSS
Exploits0References12
NVD
NVD
added 2024/12/04 12:15 p.m.21 views

CVE-2024-8894

Out-of-bounds Write vulnerability was discovered in Open Design Alliance Drawings SDK before 2025.10. Reading crafted DWF file and missing proper checks on received SectionIterator data can trigger an unhandled exception. This can allow attackers to cause a crash, potentially enabling a...

8.1CVSS0.00192EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/04 11:40 a.m.32 views

CVE-2024-8894 Out-of-bounds Write vulnerability in ODA SDK versions < 2025.10

Out-of-bounds Write vulnerability was discovered in Open Design Alliance Drawings SDK before 2025.10. Reading crafted DWF file and missing proper checks on received SectionIterator data can trigger an unhandled exception. This can allow attackers to cause a crash, potentially enabling a...

8.1CVSS0.00192EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/04 11:40 a.m.11 views

CVE-2024-8894 Out-of-bounds Write vulnerability in ODA SDK versions < 2025.10

Out-of-bounds Write vulnerability was discovered in Open Design Alliance Drawings SDK before 2025.10. Reading crafted DWF file and missing proper checks on received SectionIterator data can trigger an unhandled exception. This can allow attackers to cause a crash, potentially enabling a...

8.1CVSS7.5AI score0.00192EPSS
Exploits0References1
CVE
CVE
added 2024/12/04 11:40 a.m.53 views

CVE-2024-8894

Open Design Alliance Drawings SDK (pre-2025.10) is affected by an out-of-bounds write when reading crafted DWF files due to missing checks on SectionIterator data. This can trigger an unhandled exception, potentially causing a crash and denial-of-service, with possible code execution. Affected ve...

8.1CVSS7AI score0.00192EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/10/02 12:0 a.m.9 views

Autodesk Navisworks Freedom DWF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.8AI score0.00213EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/10/02 12:0 a.m.8 views

Autodesk Navisworks Freedom DWF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.8AI score0.00228EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/10/02 12:0 a.m.7 views

Autodesk Navisworks Freedom DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.8AI score0.00208EPSS
Exploits0References1
NVD
NVD
added 2024/09/30 9:15 p.m.14 views

CVE-2024-7675

A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Use-After-Free. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process...

7.8CVSS0.00213EPSS
Exploits0References1
OSV
OSV
added 2024/09/30 9:15 p.m.4 views

CVE-2024-7672

A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current proce...

7.8CVSS6.1AI score0.00208EPSS
Exploits0References1
NVD
NVD
added 2024/09/30 9:15 p.m.33 views

CVE-2024-7672

A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current proce...

7.8CVSS0.00208EPSS
Exploits0References1
OSV
OSV
added 2024/09/30 9:15 p.m.3 views

CVE-2024-7675

A maliciously crafted DWF file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Use-After-Free. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process...

7.8CVSS6.1AI score0.00213EPSS
Exploits0References1
NVD
NVD
added 2024/09/30 9:15 p.m.28 views

CVE-2024-7674

A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process...

7.8CVSS0.00228EPSS
Exploits0References1
Rows per page
Query Builder